Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ucbvax!MITRE.ARPA!mckee
From: mckee@MITRE.ARPA (H. Craig McKee)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: default broadcast address
Message-ID: <8807281829.AA03980@mitre.arpa>
Date: 28 Jul 88 18:29:25 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The MITRE Corp., Washington, D.C.
Lines: 31

>> First, try to the robustness principle: hosts should accept
>> AS BROADCASTS all the possible (i.e., legal or formerly legal)
>> broadcast addresses.

>Hosts should also accept AS BROADCASTS any packet that was sent to the
>link layer broadcast (and multicast???) address regardless of what the
>IP address was. David Bridgham

>Well, now, I would not put it quite that way. To be an acceptable
>IP broadcast datagram, it must have a recognizable IP broadcast address
>in its destination field. The problem we need to solve is the havoc
>(broadcast storms, etc) created by datagrams which arrive by local
>network broadcast but do not have a recognizable IP broadcast address.
>The discussions in the IETF Host Requirements Working Group have
>concluded that the best thing to do with such datagrams is SILENTLY
>IGNORE THEM.
>Bob Braden

From a security aspect: Anything that can cause havoc (broadcast
storms) can cause denial of service. Anything that may be silently
ignored (by some folks) has the potential of being used (by other
folks) as part of a covert channel.

From a management aspect: I hope the people working on network
management will devise procedures that will allow a site or network
manager or security officer to create an audit record of "normal" and
abnormal errors, at every layer in the stack.

Regards - Craig
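
Added example, not part of the original post: a Python sketch of the rule quoted above (accept recognizable IP broadcast addresses, silently ignore link-layer broadcasts without one) that also keeps the local audit record the post asks for. The set of "legal or formerly legal" broadcast forms, the function names and the sample frames are assumptions made for illustration.

```python
import ipaddress

LINK_BROADCAST = "ff:ff:ff:ff:ff:ff"

def ip_broadcast_forms(iface):
    """Broadcast addresses treated as recognizable for one interface (assumed set)."""
    net = iface.network
    return {
        ipaddress.IPv4Address("255.255.255.255"),  # limited broadcast
        ipaddress.IPv4Address("0.0.0.0"),          # formerly used all-zeros form
        net.broadcast_address,                     # directed, host bits all ones
        net.network_address,                       # formerly used, host bits all zeros
    }

def classify(dst_mac, dst_ip, iface):
    """Return (action, audit_reason) for one received datagram."""
    ip = ipaddress.IPv4Address(dst_ip)
    if ip in ip_broadcast_forms(iface):
        return ("accept_broadcast", None)
    if dst_mac.lower() == LINK_BROADCAST:
        # Arrived by local network broadcast without a recognizable IP
        # broadcast address: no reply and no forwarding, but the event is
        # recorded locally so that "silent" does not mean "invisible".
        return ("silently_ignore", "link-broadcast/non-broadcast-ip")
    if ip == iface.ip:
        return ("accept_unicast", None)
    return ("not_for_us", None)

def audit(frames, iface):
    """Collect audit records for every datagram that was silently ignored."""
    records = []
    for src_ip, dst_mac, dst_ip in frames:
        action, reason = classify(dst_mac, dst_ip, iface)
        if reason:
            records.append({"src": src_ip, "dst": dst_ip, "reason": reason})
    return records

# Constructed sample: (source IP, destination MAC, destination IP).
IFACE = ipaddress.IPv4Interface("192.0.2.10/24")
FRAMES = [
    ("192.0.2.20", "ff:ff:ff:ff:ff:ff", "192.0.2.255"),
    ("192.0.2.21", "ff:ff:ff:ff:ff:ff", "192.0.2.0"),
    ("192.0.2.22", "ff:ff:ff:ff:ff:ff", "198.51.100.7"),
    ("192.0.2.23", "02:00:00:00:00:0a", "192.0.2.10"),
    ("192.0.2.22", "FF:FF:FF:FF:FF:FF", "192.0.2.10"),
]

if __name__ == "__main__":
    for record in audit(FRAMES, IFACE):
        print(record)
```

Counting the audit records per source over time is what would expose both the storm case and a sender relying on the drop being unobserved.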